Command availability, In this appendix, Command validation checks – Dell POWEREDGE M1000E User Manual

Page 1155: Appendix a, Appendix a, “command availability, Fer to, Appendix appendix a, “command availability, For a comple, Appendix

Advertising
background image

Fabric OS Command Reference

1127

53-1002746-01

Appendix

A

Command Availability

In this appendix

Command validation checks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1127

Command Admin Domain and Virtual Fabrics restrictions . . . . . . . . . . . . . . 1128

Command validation checks

Before a command is executed, it is validated against the following checks.

1.

Active or Standby availability: On enterprise-class platforms systems, checks that the command is
available on the Control Processor (CP).

2.

Role-Based Access Control (RBAC) availability: Checks that the invoking user’s role is permitted to
invoke the command. If the command modifies system state, the user's role must have modify
permission for the command. If the command only displays system state, the user's role must have
observe permission for the command. Some commands both observe and modify system state and
thus require observe-modify permission. The following RBAC permissions are supported:

-

O = Observe

-

OM = Observe-modify,

-

N = None or not available

3.

Admin Domain availability: If Admin Domains are enabled, the system checks that the command is
allowed in the currently selected Admin Domain. For information on Admin Domain concepts and
restrictions, refer to the Fabric OS Administrator’s Guide.

Admin Domain types are one or more of the following. If more than one AD type is listed for a
command, the AD type is option- specific. Display options may be allowed, but set options may
be subject to Admin Domain restrictions.

-

SwitchMember = Allowed to execute only if the local switch is part of the current AD.

-

Allowed = Allowed to execute in all ADs.

-

PhysFabricOnly = Allowed to execute only in AD255 context (and the user should own access
to AD0-AD255 and have admin RBAC privilege).

-

Disallowed = Allowed to execute onlyin AD0 or AD255 context; not allowed in AD1-AD254
context.

-

PortMember = All control operations allowed only if the port or the local switch is part of the
current AD. View access allowed if the device attached to the port is part of the current AD.

-

AD0Disallowed = Allowed to execute only in AD255 and AD0 (if no ADs are configured).

-

AD0Only = Allowed to execute only in AD0 when ADs are not configured.

4.

Virtual Fabric availability: If Virtual Fabrics are enabled, commands are checked for context and
switch type as follows:

-

Virtual Fabric context (VF) = Command applies to the current logical switch only, or to a
specified logical switch.

Advertising
Popular Brands
Popular manuals